Some Russian PCs used to cyberattack Georgia

By Byron Acohido, USA TODAY
Aug. 18, 2008

Find original copy of this article here.

Thousands of Russian supporters are volunteering their PCs to be used in cyberattacks against websites supporting the rival state of Georgia.

This new style of cyberwarfare – in which ordinary citizens instantly enlist their PCs to help bedevil the enemy – has caused little damage of substance, security experts say. But it affirms the untapped potential for using the Internet to cause mass confusion for political gain.

“This type of attack will form at least a part of all geopolitical conflicts from now on,” predicts Steve Santorelli, director of investigations at research firm Team Cymru.

Several hours after Russia and Georgia began skirmishing over the disputed territory of South Ossetia on Aug. 8, a call to arms got posted on several pro-Russia online forums. Visitors were directed to a posting on the website, which listed Georgia government sites, including that of President Mikhail Saakashvili, as targets. Also posted: a software tool that emits a stream of nuisance requests from the user’s PC to the targeted websites.

By clicking on the tool, “you volunteered to weaponize your PC and participate in a denial-of-service attack” on Georgia’s Web pages, says Artem Dinaburg, a researcher at security firm Damballa. During such an attack, normal visitors to a Web page are denied access as it gets overwhelmed by nuisance requests.

Thousands of pro-Russia activists have been clicking on the tool ever since, attacking a list of pro-Georgia websites that’s freshened each day, Dinaburg says. The attacks run sporadically for a few hours – as long as enough activists dedicate their PCs to the assault.

“This is the new domain for conflict,” says Jim Lewis, senior fellow at the Center for Strategic and International Studies. Disruptive cyberattacks can “interfere with critical services in a way that gives a military advantage,” he says.

Russian cybercrime lords are also helping out by directing parts of their vast networks of compromised PCs, called botnets, to involuntarily join the attacks. On Friday, Damballa identified a few hundred botted PCs in the U.S. attacking pro-Georgia websites.

A similar attack cut off most Internet services to Estonia for several weeks last year. And there have been at least a dozen smaller-scale attacks over political disputes between Russia and Baltic states with Western leanings since then, says VeriSign iDefense researcher Kimberly Zenz.

Find this article at:

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone